public DisplayPeImport(
PeImport PeImport,
PhSymbolProvider SymPrv,
string ModuleFilePath,
bool ImportFound
)
{
Info.ordinal = PeImport.Ordinal;
Info.hint = PeImport.Hint;
Info.name = PeImport.Name;
Info.moduleName = PeImport.ModuleName;
Info.modulePath = ModuleFilePath;
Tuple <CLRPH_DEMANGLER, string> DemanglingInfos = SymPrv.UndecorateName(PeImport.Name);
Info.Demangler = Enum.GetName(typeof(CLRPH_DEMANGLER), DemanglingInfos.Item1);
Info.UndecoratedName = DemanglingInfos.Item2;
Info.delayedImport = PeImport.DelayImport;
Info.importAsCppName = (PeImport.Name.Length > 0 && PeImport.Name[0] == '?');
Info.importByOrdinal = PeImport.ImportByOrdinal;
Info.importNotFound = !ImportFound;
AddNewEventHandler("Undecorate", "Undecorate", "Name", this.GetDisplayName);
AddNewEventHandler("FullPath", "FullPath", "ModuleName", this.GetPathDisplayName);
}
public AheadlibCodeGenerator(string codeGenPath, string oldDllName, bool isCodegenFunctionTrace, CodeGenDllMode dllMode, string logPath, DisplayModuleInfo dlltarget, string cfg)
{
CodeGenPath = codeGenPath;
OldDllName = oldDllName;
IsCodegenFunctionTrace = isCodegenFunctionTrace;
DllMode = dllMode;
LogPath = logPath;
DllTarget = dlltarget;
Functions = new List <AheadlibFunction>();
ReplaceRuleLoader = ReplaceRuleLoader.GetReplaceRules(cfg);
PhSymbolProvider symbolProvider = new PhSymbolProvider();
foreach (var expfunction in dlltarget.Exports)
{
AheadlibFunction function = new AheadlibFunction();
function.Ordinal = expfunction.Ordinal;
function.Name = expfunction.Name;
var dx = new DisplayPeExport(expfunction, symbolProvider);
function.UndecorateName = dx.Name;
//function.SubstituteSymbol = function.UndecorateName; //ReplaceRuleLoader.Get_NameInSourceCode_From_Name(function.Name);
function.ExportByOrdinal = expfunction.ExportByOrdinal;
function.VirtualAddress = expfunction.VirtualAddress;
Functions.Add(function);
}
}
public void InitializeView()
{
if (!NativeFile.Exists(this.Filename))
{
MessageBox.Show(
String.Format("{0:s} is not present on the disk", this.Filename),
"Invalid PE",
MessageBoxButton.OK
);
return;
}
this.Pe = (Application.Current as App).LoadBinary(this.Filename);
if (this.Pe == null || !this.Pe.LoadSuccessful)
{
MessageBox.Show(
String.Format("{0:s} is not a valid PE-COFF file", this.Filename),
"Invalid PE",
MessageBoxButton.OK
);
return;
}
this.SymPrv = new PhSymbolProvider();
this.RootFolder = Path.GetDirectoryName(this.Filename);
this.SxsEntriesCache = SxsManifest.GetSxsEntries(this.Pe);
this.ProcessedModulesCache = new ModulesCache();
this.ApiSetmapCache = Phlib.GetApiSetSchema();
this._SelectedModule = null;
this._DisplayWarning = false;
// TODO : Find a way to properly bind commands instead of using this hack
this.ModulesList.Items.Clear();
this.ModulesList.DoFindModuleInTreeCommand = DoFindModuleInTree;
this.ModulesList.ConfigureSearchOrderCommand = ConfigureSearchOrderCommand;
var RootFilename = Path.GetFileName(this.Filename);
var RootModule = new DisplayModuleInfo(RootFilename, this.Pe, ModuleSearchStrategy.ROOT);
this.ProcessedModulesCache.Add(new ModuleCacheKey(RootFilename, this.Filename), RootModule);
ModuleTreeViewItem treeNode = new ModuleTreeViewItem();
DependencyNodeContext childTreeInfoContext = new DependencyNodeContext()
{
ModuleInfo = new WeakReference(RootModule),
IsDummy = false
};
treeNode.DataContext = childTreeInfoContext;
treeNode.Header = treeNode.GetTreeNodeHeaderName(Dependencies.Properties.Settings.Default.FullPath);
treeNode.IsExpanded = true;
this.DllTreeView.Items.Clear();
this.DllTreeView.Items.Add(treeNode);
// Recursively construct tree of dll imports
ConstructDependencyTree(treeNode, this.Pe);
}
public void SetExports(List <PeExport> Exports, PhSymbolProvider SymPrv)
{
this.Items.Clear();
foreach (PeExport Export in Exports)
{
this.Items.Add(new DisplayPeExport(Export, SymPrv));
}
}
public void SetExports(List <PeExport> Exports, PhSymbolProvider SymPrv)
{
this.ExportList.Items.Clear();
foreach (PeExport Export in Exports)
{
this.ExportList.Items.Add(new DisplayPeExport(Export, SymPrv));
}
// Refresh search view
ExportSearchFilter_OnTextChanged(null, null);
}
public void SetImports(List <PeImportDll> Imports, PhSymbolProvider SymPrv, DependencyWindow Dependencies)
{
this.Items.Clear();
foreach (PeImportDll DllImport in Imports)
{
PE ModuleImport = Dependencies.LoadImport(DllImport.Name, null, DllImport.IsDelayLoad());
string ModuleFilepath = (ModuleImport != null) ? ModuleImport.Filepath : null;
foreach (var Import in BinaryCache.LookupImports(DllImport, ModuleFilepath))
{
this.Items.Add(new DisplayPeImport(Import.Item1, SymPrv, ModuleFilepath, Import.Item2));
}
}
}
public DependencyWindow(String FileName)
{
InitializeComponent();
this.Filename = FileName;
this.Pe = new PE(FileName);
if (!this.Pe.LoadSuccessful)
{
MessageBox.Show(
String.Format("{0:s} is not a valid PE-COFF file", this.Filename),
"Invalid PE",
MessageBoxButton.OK
);
return;
}
this.SymPrv = new PhSymbolProvider();
this.RootFolder = Path.GetDirectoryName(FileName);
this.SxsEntriesCache = SxsManifest.GetSxsEntries(this.Pe);
this.ProcessedModulesCache = new ModulesCache();
this.ApiSetmapCache = Phlib.GetApiSetSchema();
// TODO : Find a way to properly bind commands instead of using this hack
this.ModulesList.DoFindModuleInTreeCommand = DoFindModuleInTree;
var RootFilename = Path.GetFileName(FileName);
var RootModule = new DisplayModuleInfo(RootFilename, this.Pe);
this.ProcessedModulesCache.Add(new ModuleCacheKey(RootFilename, FileName), RootModule);
ModuleTreeViewItem treeNode = new ModuleTreeViewItem();
DependencyNodeContext childTreeInfoContext = new DependencyNodeContext()
{
ModuleInfo = new WeakReference(RootModule),
IsDummy = false
};
treeNode.DataContext = childTreeInfoContext;
treeNode.Header = treeNode.GetTreeNodeHeaderName(Dependencies.Properties.Settings.Default.FullPath);
treeNode.IsExpanded = true;
this.DllTreeView.Items.Add(treeNode);
// Recursively construct tree of dll imports
ConstructDependencyTree(treeNode, this.Pe);
}
public void SetImports(List <PeImportDll> Imports, PhSymbolProvider SymPrv, DependencyWindow Dependencies)
{
this.ImportList.Items.Clear();
foreach (PeImportDll DllImport in Imports)
{
PE ModuleImport = Dependencies.LoadImport(DllImport.Name, null, (DllImport.Flags & 0x01) == 0x01 /* TODO : Use proper macros */);
string ModuleFilepath = (ModuleImport != null) ? ModuleImport.Filepath : null;
foreach (PeImport Import in DllImport.ImportList)
{
this.ImportList.Items.Add(new DisplayPeImport(Import, SymPrv, ModuleFilepath));
}
}
// Refresh search view
ImportSearchFilter_OnTextChanged(null, null);
}
public DisplayPeImport(
PeImport PeImport,
PhSymbolProvider SymPrv,
string ModuleFilePath
)
{
Info.ordinal = PeImport.Ordinal;
Info.hint = PeImport.Hint;
Info.name = PeImport.Name;
Info.moduleName = PeImport.ModuleName;
Info.modulePath = ModuleFilePath;
Info.UndecoratedName = SymPrv.UndecorateName(PeImport.Name);
Info.delayedImport = PeImport.DelayImport;
Info.importAsCppName = (PeImport.Name.Length > 0 && PeImport.Name[0] == '?');
Info.importByOrdinal = PeImport.ImportByOrdinal;
Info.importNotFound = !BinaryCache.LookupImport(ModuleFilePath, PeImport.Name, PeImport.Ordinal, PeImport.ImportByOrdinal);
AddNewEventHandler("Undecorate", "Undecorate", "Name", this.GetDisplayName);
AddNewEventHandler("FullPath", "FullPath", "ModuleName", this.GetPathDisplayName);
}
public void SetImports(List <PeImportDll> Imports, PE rootPe, SxsEntries SxsCache, PhSymbolProvider SymPrv)
{
this.ImportList.Items.Clear();
foreach (PeImportDll DllImport in Imports)
{
Tuple <ModuleSearchStrategy, String> PeFilePath = FindPe.FindPeFromDefault(rootPe, DllImport.Name, SxsCache);
foreach (PeImport Import in DllImport.ImportList)
{
this.ImportList.Items.Add(new DisplayPeImport(Import, SymPrv, PeFilePath.Item2));
}
}
// Refresh search view
ImportSearchFilter_OnTextChanged(null, null);
}
public void SetImports(string ModuleFilepath, List <PeExport> Exports, List <PeImportDll> ParentImports, PhSymbolProvider SymPrv, DependencyWindow Dependencies)
{
this.Items.Clear();
foreach (PeImportDll DllImport in ParentImports)
{
foreach (var Import in BinaryCache.LookupImports(DllImport, Exports))
{
this.Items.Add(new DisplayPeImport(Import.Item1, SymPrv, ModuleFilepath, Import.Item2));
}
}
}
